Make sure that some memory zeroing always happens.

RsyncProject · Jan 8, 2019 · c376170 · c376170
1 parent 4816317
commit c376170
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 5 deletions.
diff --git a/authenticate.c b/authenticate.c
@@ -162,8 +162,8 @@ static const char *check_secret(int module, const char *user, const char *group,
 
 	fclose(fh);
 
-	memset(line, 0, sizeof line);
-	memset(pass2, 0, sizeof pass2);
+	force_memzero(line, sizeof line);
+	force_memzero(pass2, sizeof pass2);
 
 	return err;
 }
@@ -318,8 +318,8 @@ char *auth_server(int f_in, int f_out, int module, const char *host,
 		err = check_secret(module, line, group, challenge, pass);
 	}
 
-	memset(challenge, 0, sizeof challenge);
-	memset(pass, 0, strlen(pass));
+	force_memzero(challenge, sizeof challenge);
+	force_memzero(pass, strlen(pass));
 
 	if (auth_uid_groups) {
 		int j;

diff --git a/fileio.c b/fileio.c
@@ -322,7 +322,9 @@ int unmap_file(struct map_struct *map)
 		map->p = NULL;
 	}
 	ret = map->status;
-	memset(map, 0, sizeof map[0]);
+#if 0 /* I don't think we really need this. */
+	force_memzero(map, sizeof map[0]);
+#endif
 	free(map);
 
 	return ret;

diff --git a/util.c b/util.c
@@ -1682,3 +1682,11 @@ void *expand_item_list(item_list *lp, size_t item_size,
 	}
 	return (char*)lp->items + (lp->count++ * item_size);
 }
+
+/* This zeroing of memory won't be optimized away by the compiler. */
+void force_memzero(void *buf, size_t len)
+{
+    volatile uchar *z = buf;
+    while (len-- > 0)
+	*z++ = '\0';
+}